CN112612742B - Platform firmware elastic topology - Google Patents
Platform firmware elastic topology Download PDFInfo
- Publication number
- CN112612742B CN112612742B CN202011586297.6A CN202011586297A CN112612742B CN 112612742 B CN112612742 B CN 112612742B CN 202011586297 A CN202011586297 A CN 202011586297A CN 112612742 B CN112612742 B CN 112612742B
- Authority
- CN
- China
- Prior art keywords
- management controller
- firmware
- control center
- platform
- interface
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 239000000758 substrate Substances 0.000 claims abstract description 42
- 230000002093 peripheral effect Effects 0.000 claims description 17
- 238000013461 design Methods 0.000 abstract description 13
- 238000010586 diagram Methods 0.000 description 5
- 238000000034 method Methods 0.000 description 5
- 238000012544 monitoring process Methods 0.000 description 3
- 238000011161 development Methods 0.000 description 2
- 238000005259 measurement Methods 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 238000006467 substitution reaction Methods 0.000 description 2
- 235000007516 Chrysanthemum Nutrition 0.000 description 1
- 244000189548 Chrysanthemum x morifolium Species 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 238000012423 maintenance Methods 0.000 description 1
- 238000000638 solvent extraction Methods 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F13/00—Interconnection of, or transfer of information or other signals between, memories, input/output devices or central processing units
- G06F13/38—Information transfer, e.g. on bus
- G06F13/42—Bus transfer protocol, e.g. handshake; Synchronisation
- G06F13/4282—Bus transfer protocol, e.g. handshake; Synchronisation on a serial bus, e.g. I2C bus, SPI bus
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Stored Programmes (AREA)
Abstract
The embodiment of the application provides a platform firmware elasticity topological device, belongs to the technical field of data safety, and has solved that the circuit is complicated after adopting platform firmware elasticity PFR among the current scheme, and the device overall arrangement on the PCB mainboard is walked the line and is become difficult, has brought very big difficulty in the design, increases the problem of design risk. The device comprises: the system comprises a field programmable gate array, a platform control center and a substrate management controller; the platform control center is connected with the substrate management controller through an ESPI bus and used for sending a reading instruction to the substrate management controller; the field programmable gate array is connected with the platform control center and the substrate management controller through an ESPI bus and used for acquiring a reading instruction sent by the platform control center to the substrate management controller.
Description
Technical Field
The embodiment of the application relates to the technical field of data security, in particular to a platform firmware elastic topology.
Background
With the development of the internet, but at the same time, network attacks on the internet become more and more, and the internet is more popular, and particularly in the cloud era of servers, people need to pay extra attention to data security of the servers and do security maintenance work of the cloud servers. The Intel proposed PFR techniques to ensure the security and reliability of the server against known or unknown attacks. The goal of intel PFR technology is to restore the firmware of a platform to a known good state by protecting platform assets, detecting corrupted firmware and malicious or erroneous behavior. In addition, with the continuous iterative development and promotion of Intel CPUs, the requirements of each generation of CPU platform on speed and performance are higher. In both the Intel pure platform and the Whitely platform, the LPC bus is used between the PCH and the BMC.
At present, in order to support TPM and BMC to update firmware on a server mainboard, the SPI circuit is difficult to be wired on a PCB, and the problem of SPI signal quality is possibly caused. The PFR technology of intel is increased at present, the complexity of an SPI circuit is increased, and higher requirements are put on the placement and wiring of PCB devices.
Disclosure of Invention
An object of the embodiment of the application is to provide a platform firmware elastic topology, which solves the problems that in the prior art, after platform firmware elastic PFR is adopted, the circuit is complex, the layout and routing of devices on a PCB main board become difficult, great difficulty is brought to design, and the design risk is increased.
The embodiment of the present application provides a platform firmware elastic topology, including:
the system comprises a field programmable gate array, a platform control center and a substrate management controller;
the platform control center is connected with the substrate management controller through an ESPI bus so that the platform control center sends a reading instruction to the substrate management controller;
the field programmable gate array is connected with the platform control center and the substrate management controller through an ESPI bus so as to enable the field programmable gate array to obtain the reading instruction sent to the substrate management controller by the platform control center.
Optionally, a general input/output interface of the field programmable gate array is defined.
Optionally, the step of defining the general-purpose input/output interface of the fpga includes:
defining the universal input/output interface connected with the reset interface of the platform control center as a Filtered SPI _ CS _ N interface;
defining the general input/output interface connected with the reset interface of the substrate management controller as an SPI _ CS _ N interface;
the interface connected with the data selector is defined as a MUX interface.
Optionally, the Filtered SPI _ CS _ N interface of the field programmable gate array is connected to the reset interface of the platform control center through the ESPI bus;
the SPI _ CS _ N interface of the field programmable gate array is connected with the reset interface of the substrate management controller through the ESPI bus.
Optionally, the connection between the fpga, the platform control center, and the bmc is a daisy chain topology connection.
Optionally, the firmware of the baseboard management controller includes a self firmware and a system firmware of the baseboard management controller.
Optionally, the self firmware and the system firmware of the bmc may be stored in the same spi register.
Optionally, the serial peripheral interface register is disposed on the platform control center and/or the baseboard management controller.
Optionally, the method further includes: a data selector;
the data selector is connected with the field programmable gate array through an SPI circuit and is used for acquiring MUX signals of the field programmable gate array;
the data selector is connected with the serial peripheral interface register through an SPI (serial peripheral interface) circuit and is used for acquiring the self firmware and the system firmware of the substrate management controller;
the data selector is connected with the platform control center and/or the baseboard management controller through an SPI circuit and used for acquiring instructions of the platform control center and/or the baseboard management controller.
Optionally, the data selector may switch the SPI path according to the MUX signal.
An embodiment of the present application provides a platform firmware resilient topology, including: the system comprises a field programmable gate array, a platform control center and a substrate management controller; the platform control center is connected with the substrate management controller through an ESPI bus so that the platform control center sends a reading instruction to the substrate management controller; the field programmable gate array is connected with the platform control center and the substrate management controller through an ESPI bus so as to enable the field programmable gate array to obtain the reading instruction sent to the substrate management controller by the platform control center. Pass through ESPI bus connection with above-mentioned field programmable gate array, above-mentioned platform control center and above-mentioned base plate management controller, adopt the SPI bus among the ESPI bus replacement prior art scheme, it is complicated to have solved among the prior art to adopt platform firmware elasticity PFR back circuit, and the difficulty that the line becomes is walked in the device overall arrangement on the PCB mainboard, has brought the difficulty in the design, increases the problem of design risk.
Drawings
In order to more clearly illustrate the embodiments of the present application or the technical solutions in the prior art, the drawings needed to be used in the embodiments or the prior art descriptions will be briefly described below, and it is obvious that the drawings in the following description are some embodiments of the present application, and other drawings can be obtained by those skilled in the art without creative efforts.
FIG. 1 is a connection diagram of a platform firmware resiliency topology in some examples;
fig. 2 is a connection diagram of a platform firmware resilient topology according to an embodiment of the present disclosure;
FIG. 3 is a diagram illustrating an arrangement of a firmware storage area according to an embodiment of the present disclosure;
fig. 4 is a schematic diagram of another arrangement manner of a firmware storage area according to an embodiment of the present application.
Detailed Description
To make the objects, technical solutions and advantages of the embodiments of the present application clearer, the technical solutions of the embodiments of the present application will be clearly and completely described below with reference to the accompanying drawings. All other embodiments obtained by a person of ordinary skill in the art based on the embodiments in the present application without making creative efforts belong to the protection scope of the embodiments in the present application.
The terms "comprising" and "having," and any variations thereof, as referred to in the embodiments of the present application, are intended to cover non-exclusive inclusions. For example, a process, apparatus, system, article, or apparatus that comprises a list of steps or elements is not limited to only those steps or elements but may include other steps or elements not expressly listed or inherent to such process, apparatus, system, article, or apparatus.
FIG. 1 is a schematic diagram of a SPI connection topology supporting a PFR and a TPM module; the PFR requires an FPGA on a mainboard to support a PFR code, the FPGA provides power through a power supply module PSU, and a current path is formed through VR pins; the FPGA is respectively connected with a system firmware FLASH and a BMC firmware FLASH to the FPGA, the BMC is connected with two SPI data selectors MUX through an SPI bus, an SPI monitoring signal SPI monitor is transmitted, the system firmware FLASH and the BMC firmware FLASH are respectively connected through the two SPI MUXs, the SPI MUX of the BMC connected with the system firmware FLASH is used as a first data selector, the PCH is connected with the system firmware FLASH, the PCH is connected with a second SPI MUX after being connected with the first SPI MUX, the first SPI MUX is connected with the system firmware, the SPI MUX of the BMC connected with the BMC firmware FLASH is used as a third data selector, the FPGA is connected with the third data selector and the second data selector through the SPI bus, the FPGA is connected with the BMC and the second SPI bus through the SPI bus, and transmits a Reset signal and other control signals to the BMC and the PCH; when the server is started, the FPGA controls the mux to switch the SPI to the self, integrity measurement is carried out on firmware of the BMC and the system respectively, and reset signals of the BMC and the PCH are released after the measurement is passed, so that the BMC and the PCH can load the firmware to start working. When the server runs, the FPGA monitors the reading and writing of the BMC and the PCH to the FLASH through the SPI monitor signal, thereby preventing malicious operation and damaging firmware. If so, the FPGA forces the backup stored in FLASH to be overlaid on the corrupted firmware.
An embodiment of the present application provides a platform firmware resilient topology, including: the system comprises a field programmable gate array, a platform control center and a substrate management controller;
the platform control center is connected with the substrate management controller through an ESPI bus so that the platform control center sends a reading instruction to the substrate management controller;
the field programmable gate array is connected with the platform control center and the substrate management controller through an ESPI bus so as to enable the field programmable gate array to obtain the reading instruction sent to the substrate management controller by the platform control center.
For example, as shown in fig. 2, the platform control center PCH and the BMC are connected through an ESPI bus, and when one end is the platform control center PCH and the other end is the BMC, the platform control center PCH sends a read command to the BMC; the FPGA is connected with the platform control center PCH and the baseboard management controller BMC through an ESPI bus, and transmits Reset signals and other control signals of oth control signals to the BMC and the PCH; the FPGA acquires the reading instruction sent by the platform control center PCH to the baseboard management controller BMC, the FPGA provides power through a power module PSU, and a current path is formed through a VR pin; (ii) a
The general input/output interface of the FPGA connected with the reset interface of the platform control center is a Filtered SPI _ CS _ N interface, the general input/output interface of the FPGA connected with the reset interface of the substrate management controller is an SPI _ CS _ N interface, the interface of the FPGA connected with the data selector is a MUX interface, and the interface of the FPGA connected with the SPI FLASH is a Filtered SPI _ CS _ N interface;
the PCH is connected to the BMC and the FPGA through an eSPI bus, and the firmware of the BMC and the system is stored in the SPI FALSH in a partitioning mode;
the output of above-mentioned data selector passes through SPI bus connection SPI FALSH and above-mentioned FPGA, and above-mentioned FPGA sends control signal to above-mentioned data selector.
The platform control center is connected with the substrate management controller through an ESPI bus so that the platform control center sends a reading instruction to the substrate management controller; the field programmable gate array is connected with the platform control center and the substrate management controller through an ESPI bus so as to enable the field programmable gate array to obtain the reading instruction sent to the substrate management controller by the platform control center. Pass through ESPI bus connection with above-mentioned field programmable gate array, above-mentioned platform control center and above-mentioned base plate management controller, adopt ESPI bus to replace the SPI bus among the prior art scheme, it is complicated to have solved among the prior art to adopt platform firmware elasticity PFR back circuit, and the device layout on the PCB mainboard walks the difficulty that becomes, has brought the difficulty in the design, increases the problem of design risk.
In one possible implementation, a general purpose input-output interface of the field programmable gate array is defined.
For example, a general input/output interface of the fpga is defined so that the BMC and the PCH can read and write system firmware implemented through the ESPI bus.
In a possible implementation manner, the step of defining a general-purpose input/output interface of the field programmable gate array includes:
defining the universal input/output interface connected with the reset interface of the platform control center as a Filtered SPI _ CS _ N interface;
defining the general input/output interface connected with the reset interface of the substrate management controller as an SPI _ CS _ N interface;
the interface connected with the data selector is defined as a MUX interface.
Optionally, the Filtered SPI _ CS _ N interface of the field programmable gate array is connected to the reset interface of the platform control center through the ESPI bus;
the SPI _ CS _ N interface of the field programmable gate array is connected with the reset interface of the substrate management controller through the ESPI bus.
Illustratively, by defining a specific interface, the FPGA may control the BMC and the PCH to read and write system firmware implemented through the ESPI bus.
In one possible embodiment, the connection between the fpga, the platform control center, and the bmc is a daisy chain topology connection.
Illustratively, the PCH connects the FPGA and the BMC via an ESPI bus in a daisy chain topology, with the BMC at the end, in the simplest way to add more computers to the network, or to serially connect each computer next, as in the petals of a chrysanthemum. If a message is directed to the computer going down the way, each system bounces up it down the sequence until it reaches the destination.
In one possible embodiment, the firmware of the baseboard management controller includes the self firmware and the system firmware of the baseboard management controller.
In one possible embodiment, the native firmware and the system firmware of the baseboard management controller can be stored in the same SPI register.
The self firmware and the system firmware of the substrate management controller can be stored in the same serial peripheral interface register, so that the use of MUX and SPI FLASH is reduced, the wiring is reduced, the complexity of SPI design is reduced, and the reliability of design is improved.
In a possible embodiment, as shown in fig. 3 and 4, the serial peripheral interface register is disposed on the platform control center and/or the baseboard management controller, wherein the serial peripheral interface register is an SPI FLASH.
Illustratively, when the serial peripheral interface register is set, the position can be selectively set, which is beneficial to solving the complexity of SPI design.
In one possible embodiment, the method further comprises: a data selector;
the data selector is connected with the field programmable gate array through an SPI circuit and is used for acquiring MUX signals of the field programmable gate array;
the data selector is connected with the serial peripheral interface register through an SPI (serial peripheral interface) circuit and is used for acquiring the self firmware and the system firmware of the substrate management controller;
the data selector is connected with the platform control center and/or the substrate management controller through an SPI (serial peripheral interface) circuit and used for acquiring instructions of the platform control center and/or the substrate management controller.
Illustratively, the PCH is connected to the FPGA and the BMC through an ESPI bus, and is in a daisy chain topology, and the BMC is at the terminal; GPIO interfaces defining FPGA include: SPI _ CS _ N, filtered SPI _ CS _ N, MUX control signals to reset and other control signals to BMC and PCH, respectively; the FPGA code supports ESPI decoding and monitoring, and judges whether the firmware of the FLASH can be maliciously damaged by the current eSPI instruction; the MUX controls a signal to switch an SPI (Serial peripheral interface) channel, the selection is to BMC/PCH or FPGA, when the situation that the eSIP bus has malicious operation on FLASH is monitored, the SPI is switched to the FPGA, and malicious reading and writing are prevented; if the firmware is damaged maliciously, the PFR technology can copy the backed-up firmware in the flash to a firmware storage area. An eSPI-based PFR topology is implemented.
In one possible embodiment, the data selector can switch the SPI path according to the MUX signal.
ESPI monitoring between BMC and PCH is added, so that whether malicious operation on flash occurs or not can be judged in time; the use of MUX and SPI FLASH is reduced; the complexity of SPI design is reduced, and the reliability of design is improved.
It should be noted that: like reference numbers and letters refer to like items in the following figures, and thus once an item is defined in one figure, it need not be further defined and explained in subsequent figures, and moreover, the terms "first", "second", "third", etc. are used merely to distinguish one description from another and are not to be construed as indicating or implying relative importance.
Finally, it should be noted that: the above embodiments are merely specific implementations of the embodiments of the present application, and are not intended to limit the technical solutions of the embodiments of the present application, and the scope of the embodiments of the present application is not limited thereto, and although the embodiments of the present application are described in detail with reference to the foregoing embodiments, it should be understood by those skilled in the art that: those skilled in the art can still make modifications or changes to the technical solutions described in the foregoing embodiments, or make equivalent substitutions for some technical features, within the technical scope of the embodiments disclosed in the present application; such modifications, changes or substitutions do not depart from the spirit and scope of the embodiments of the present application. Are intended to be covered by the scope of the embodiments of the present application. Therefore, the protection scope of the embodiments of the present application shall be subject to the protection scope of the claims.
Claims (10)
1. A platform firmware resiliency topology, comprising:
the system comprises a field programmable gate array, a platform control center, a substrate management controller and a data selector;
the platform control center is connected with the substrate management controller through an ESPI bus so as to enable the platform control center to send a reading instruction to the substrate management controller;
the field programmable gate array is connected with the platform control center and the substrate management controller through an ESPI bus so as to enable the field programmable gate array to obtain the reading instruction sent to the substrate management controller by the platform control center;
the data selector is connected with the platform control center and/or the substrate management controller through an SPI (serial peripheral interface) line and is used for acquiring instructions of the platform control center and/or the substrate management controller.
2. The platform firmware resilient topology of claim 1, wherein a general purpose input-output interface of the field programmable gate array is defined.
3. The platform firmware resilient topology of claim 2, wherein the step of defining a generic input output interface of the field programmable gate array comprises:
defining the universal input/output interface connected with the reset interface of the platform control center as a Filtered SPI _ CS _ N interface;
defining the universal input/output interface connected with the reset interface of the baseboard management controller as an SPI _ CS _ N interface;
the interface connected with the data selector is defined as a MUX interface.
4. The platform firmware resiliency topology of claim 3,
the Filtered SPI _ CS _ N interface of the field programmable gate array is connected with the reset interface of the platform control center through the ESPI bus;
and the SPI _ CS _ N interface of the field programmable gate array is connected with the reset interface of the substrate management controller through the ESPI bus.
5. The platform firmware resilient topology of claim 1, wherein the field programmable gate array, the platform control center, and the baseboard management controller are connected in a daisy chain topology.
6. The platform firmware resiliency topology of claim 1, wherein the firmware of the baseboard management controller comprises a system firmware and a self firmware of the baseboard management controller.
7. The platform firmware resilient topology of claim 4, wherein the baseboard management controller's own firmware and system firmware can be stored in the same serial peripheral interface register.
8. The platform firmware resilient topology of claim 7, wherein the serial peripheral interface register is disposed on the platform control center and/or the baseboard management controller.
9. The platform firmware resilient topology of claim 7, further comprising: the data selector is connected with the field programmable gate array through an SPI (serial peripheral interface) line and is used for acquiring MUX (multiplexer) signals of the field programmable gate array;
the data selector is connected with the serial peripheral interface register through an SPI (serial peripheral interface) circuit and is used for acquiring the self firmware and the system firmware of the baseboard management controller.
10. The platform firmware resilient topology of claim 1, wherein the data selector is capable of switching SPI paths according to the MUX signal.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011586297.6A CN112612742B (en) | 2020-12-29 | 2020-12-29 | Platform firmware elastic topology |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011586297.6A CN112612742B (en) | 2020-12-29 | 2020-12-29 | Platform firmware elastic topology |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN112612742A CN112612742A (en) | 2021-04-06 |
| CN112612742B true CN112612742B (en) | 2022-12-27 |
Family
ID=75248673
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202011586297.6A Active CN112612742B (en) | 2020-12-29 | 2020-12-29 | Platform firmware elastic topology |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN112612742B (en) |
Families Citing this family (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113204804B (en) * | 2021-04-25 | 2022-03-22 | 山东英信计算机技术有限公司 | Security module, server mainboard and server |
| CN113448401B (en) * | 2021-05-28 | 2023-03-17 | 山东英信计算机技术有限公司 | Mainboard and server |
Family Cites Families (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108874700B (en) * | 2018-06-01 | 2021-07-16 | 联想(北京)有限公司 | Electronic device |
| CN111966626B (en) * | 2020-07-29 | 2023-01-06 | 苏州浪潮智能科技有限公司 | Server starting device and method based on ESPI bus |
-
2020
- 2020-12-29 CN CN202011586297.6A patent/CN112612742B/en active Active
Also Published As
| Publication number | Publication date |
|---|---|
| CN112612742A (en) | 2021-04-06 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN101126995B (en) | Method and apparatus for processing serious hardware error | |
| CN105204965B (en) | Method and apparatus for the dynamic node reparation in multi-node environment | |
| TWI446161B (en) | Apparatus and method for handling a failed processor of a multiprocessor information handling system | |
| CN112612742B (en) | Platform firmware elastic topology | |
| US6910160B2 (en) | System, method, and computer program product for preserving trace data after partition crash in logically partitioned systems | |
| JP2017224272A (en) | Hardware failure recovery system | |
| CN111324192A (en) | System board power supply detection method, device, equipment and storage medium | |
| US20200133759A1 (en) | System and method for managing, resetting and diagnosing failures of a device management bus | |
| CN112286709B (en) | Diagnosis method, diagnosis device and diagnosis equipment for server hardware faults | |
| WO2018095107A1 (en) | Bios program abnormal processing method and apparatus | |
| CN111414268A (en) | Fault processing method and device and server | |
| CN111949457A (en) | Server fault chip detection method and device | |
| CN114816820A (en) | Method, device, equipment and storage medium for repairing chproxy cluster fault | |
| CN112181468A (en) | CPLD updating method, server and computer readable storage medium | |
| CN112199240A (en) | Method for switching nodes during node failure and related equipment | |
| US11640377B2 (en) | Event-based generation of context-aware telemetry reports | |
| CN212541329U (en) | Dual-redundancy computer equipment based on domestic Loongson platform | |
| CN115599617B (en) | Bus detection method and device, server and electronic equipment | |
| WO2008004330A1 (en) | Multiple processor system | |
| CN111078454A (en) | Cloud platform configuration recovery method and device | |
| CN114996069A (en) | Mainboard test method, device and medium | |
| CN114884836A (en) | High-availability method, device and medium for virtual machine | |
| JP2013200616A (en) | Information processor and restoration circuit of information processor | |
| US10997012B2 (en) | Identifying defective field-replaceable units that include multi-page, non-volatile memory devices | |
| US11922175B2 (en) | Unplanned reboot expedited recovery for network devices |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |